AAI Workshop for Service and Resource Providers

15-16 March 2016, 09:00-17:00

Workshop Information

The workshop is intended in particular for organizations that provide resources and services for ELIXIR (life sciences)
and DARIAH (art and humanities) research infrastructures. The workshop is divided into two parts. The first part is
more generic and useful to any service provider interested in providing online services to SAML based identity
federation. The second part is more specific and focuses on integrating a service with ELIXIR and DARIAH research
infrastructure respectively.

The aim of this workshop is to help the service providers to make their resources and services available to the
users of the research infrastructure. This workshop has a down-to-earth and hands-on approach that will be rather
technical and detailed at times. The workshop teaches in practice how to install the open source Shibboleth
software needed to integrate in the research infrastructure. The participants will install, test and configure
a Service Provider using open source Shibboleth SP software. The goal is to make the participants familiar
with the basic configuration of Shibboleth SP. At the end of the training participants should be familiar
with the basic aspects of running a Shibboleth SP and integrating it to ELIXIR or DARIAH research infrastructures.

The workshop is a mix of lectures and hands-on lessons where participants will have an opportunity to play
around with installing and setting up code.

Main goals of the training

Install and configure a Shibboleth Service Provider 2

Know how and where to configure basic functionalities

Learn how to protect static web pages and applications

Understand how attributes can be used within web applications

Learn how to integrate the Shibboleth SP to ELIXIR or DARIAH and what additional services they offer

Requirements

Participants should bring a laptop - if you do not have one, please let the organizers know in advance. You may
also be paired with someone else.

Participants should have a basic understanding of federations and federated identity management,
including the terms and the benefits. Participants should also be familiar with the concept
and the motivation of running Authentication and Authorization Infrastructure (AAI) services.
The basic Linux skills are also strongly recommended.

The training is performed on a virtual machine (VM). The VM image that can be run in Virtual
Box (recommended) or VMware Player/Fusion. To run the SP Training VM the following minimal
requirements have to be met:

Day 1 (Room 2.15): Providing online services to a SAML based identity federation using Shibboleth software

A resource or service provider needs to install a server called Service Provider (SP) and integrate it with
his or her service in order to securely provide resources and services to a SAML based identity federation
online. In this submodule the participants install, test and configure a Service Provider using open source
Shibboleth SP software. The goal is to make the participants familiar with the basics configuration of
Shibboleth SP. At the end of the training participants should be familiar with the basic aspects of running
a Shibboleth SP.

09:00

Welcome and Introductions

09:15

Federated Identity Management, SAML, Shibboleth and VM Setup

10:30

Coffee break

10:50

Basic Shibboleth SP Installation and Configuration

12:30

Lunch break

13:30

Session Handling and User Attributes

15:00

Coffee break

15:20

Access Control, Advanced Topics and Q&A session

17:00

Close

Day 2 (Room 1.10 and Mercury Room)

ELIXIR session (Room 1.10)

Trainers: Michal Prochazka (ELIXIR-CZ), Mikael Linden (ELIXIR-FI)

09:00

Coffee and arrivals

09:15

Introduction to ELIXIR AAI

10:45

Coffee break

11:00

Integrating a SAML SP to the ELIXIR AAI

12:30

Lunch

13:30

Group management in ELIXIR

15:00

Coffee break

15:15

Integrating ELIXIR groups into the SAML SP

16:15

Wrap-up and post-workshop questionnaire

16:30

Close

DARIAH session (Mercury Room)

Trainers: Peter Gietz, Martin Haase (DARIAH-DE / DAASI International)

09:00

Coffee and arrivals

09:15

Introduction to the DARIAH AAI

10:45

Coffee break

11:00

Configuring the Shibboleth SP for the DARIAH AAI (Overview, and Hands-On Part I)

Things to bring to the training

Virtual Box/VMware Player must be installed (see below)
together with the workshop VM image you downloaded
and tested like described below.

Note that the laptop should not be older than 3-4 years. Otherwise,
running the VirtualBox VM might very slow. Please also make sure you
have administrator/root privileges for this laptop!

Download and Test Workshop VM Image

In order to ensure every participant has a working setup for the
hands-on sessions, we kindly ask you to perform the following
steps before the event. Only little time will be available to
troubleshoot basic VirtualBox/VMware/OS problems at the event itself.

Download and install VM solution:
Virtual Box
VMware Player or VMware Fusion work too but Virtual Box
is recommended
Under Windows Vista or newer, please use the administrator
account to install the software!

Start the Training VM image.
You should see how the guest system (Ubuntu 14.04 LTS) starts.
After the boot process, Firefox should be opened automatically.
The page you should see is the workshop page, so:
http://anenadic.github.io/2016-03-15-elixir-aai-workshop-manchester/
- If you see this page, the VM Image has network connectivity
and all should be ok. You can now turn off the VM image.
(you might change the keyboard settings and other GUI
preferences but please don't change anything else)
- If you don't see this page, your laptop probably is not
connected to the Internet or then there is another problem.
If you don't manage to resolve the issues, please let us know
before the training.